diff --git a/Shorewall-common/releasenotes.txt b/Shorewall-common/releasenotes.txt
index 2b37334ca..4b5a690d4 100644
--- a/Shorewall-common/releasenotes.txt
+++ b/Shorewall-common/releasenotes.txt
@@ -50,6 +50,10 @@ Problems corrected in 3.9.7.
 8) The LOGBURST and LOGLIMIT options in shorewall.conf now work correctly
+9) Previously, COMMENT lines could result in invalid iptables-restore
+ input being generated. The quote marks around the comment string
+ were being removed during iptables-restore input generation.
+
 Other changes in Shorewall 3.9.7.
 1) Shorewall-perl now validates all IP addresses and addresses ranges
diff --git a/Shorewall-perl/Shorewall/Chains.pm b/Shorewall-perl/Shorewall/Chains.pm
index b4bde3b41..21351026b 100644
--- a/Shorewall-perl/Shorewall/Chains.pm
+++ b/Shorewall-perl/Shorewall/Chains.pm
@@ -331,6 +331,12 @@ sub add_rule($$)
 $rule .= " -m comment --comment \"$comment\"" if $comment;
 if ( $chainref->{loopcount} || $chainref->{cmdcount} ) {
+ #
+ # The shell has this wonderful habit of removing quote marks. Certain rule constructs such
+ # as --comment and --log-prefix quote the associated value. The following statement
+ # will add an escape to each double quote in the rule so that when the rule is finally
+ # written to the iptables-input file, it will still have quote marks.
+ #
 $rule =~ s/"/\\"/g;
 add_command $chainref , qq(echo "-A $chainref->{name} $rule" >&3);
 } else {
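Review bot: The comment added in add_rule should also record what the `s/"/\\"/g` escape does not cover: the rule is placed inside a double-quoted shell string in `qq(echo "-A $chainref->{name} $rule" >&3)`, so `$`, backquotes and backslashes in a COMMENT or --log-prefix value are still interpreted by the shell when the generated script runs. Those values come from configuration files and end up in a script that presumably runs with root privileges, so the gap is worth stating next to the escape. If the rule is meant to carry shell variables in this branch (not visible here), the escaping would have to be applied to the quoted value where `$comment` is interpolated at the top of the hunk, not to the whole rule. At minimum I would add `# NOTE: only double quotes are escaped; $, backquotes and backslashes in the rule still reach the shell.` to the comment block. add_rule starts before the hunk and the else branch continues past it.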